Changeset - 5e176c2a3067
Parent rev.
Child rev.
[Not reviewed]
0 1 0
Branko Majic (branko) - 4 years ago 2020-07-13 17:12:17
branko@majic.rs
GC-37: Parametrise a couple of storage test functions to cover ECDSA as well.
1 file changed with 17 insertions and 8 deletions:
tests/test_storage.py
17
8
0 comments (0 inline, 0 general)
tests/test_storage.py
Show inline comments
 
@@ -39,26 +39,30 @@ def test_initialise_storage(tmpdir):
 
    assert os.path.exists(tmpdir.join('.gimmecert').strpath)
 
    assert os.path.exists(tmpdir.join('.gimmecert', 'ca').strpath)
 
    assert os.path.exists(tmpdir.join('.gimmecert', 'server').strpath)
 
    assert os.path.exists(tmpdir.join('.gimmecert', 'client').strpath)
 

			




	
	
	
		
 

			




	
	
	
		
 
def test_write_private_key(tmpdir):

			




	
	
	
		
 
@pytest.mark.parametrize("key_specification, key_type_representation", [

			




	
	
	
		
 
    [("rsa", 2048), "RSA"],

			




	
	
	
		
 
    [("ecdsa", cryptography.hazmat.primitives.asymmetric.ec.SECP192R1), "EC"],

			




	
	
	
		
 
])

			




	
	
	
		
 
def test_write_private_key(tmpdir, key_specification, key_type_representation):

			




	
	
	
		
 
    tmpdir.chdir()

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator(*key_specification)()

			




	
	
	
		
 
    key_path = tmpdir.join('test.key.pem').strpath

			




	
	
	
		
 

			




	
	
	
		
 
    gimmecert.storage.write_private_key(private_key, key_path)

			




	
	
	
		
 

			




	
	
	
		
 
    assert os.path.exists(key_path)

			




	
	
	
		
 

			




	
	
	
		
 
    with open(key_path, 'r') as key_file:

			




	
	
	
		
 
        content = key_file.read()

			




	
	
	
		
 
        assert 'BEGIN RSA PRIVATE KEY' in content

			




	
	
	
		
 
        assert 'END RSA PRIVATE KEY' in content

			




	
	
	
		
 
        assert 'BEGIN %s PRIVATE KEY' % key_type_representation in content

			




	
	
	
		
 
        assert 'END %s PRIVATE KEY' % key_type_representation in content

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def test_write_certificate(tmpdir):

			




	
	
	
		
 
    tmpdir.chdir()

			




	
	
	
		
 

			




	
	
	
		
 
    issuer_dn = gimmecert.crypto.get_dn('My test 1')

			




	
	
		
 
@@ -121,20 +125,24 @@ def test_read_ca_hierarchy_returns_list_of_ca_private_key_and_certificate_pairs_

			




	
	
	
		
 
    private_key, certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    assert isinstance(private_key, private_key_instance_type)

			




	
	
	
		
 
    assert isinstance(certificate, cryptography.x509.Certificate)

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def test_read_private_key_returns_private_key(tmpdir):

			




	
	
	
		
 
@pytest.mark.parametrize("key_specification, private_key_instance_type", [

			




	
	
	
		
 
    [("rsa", 1024), cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey],

			




	
	
	
		
 
    [("ecdsa", cryptography.hazmat.primitives.asymmetric.ec.SECP192R1), cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey],

			




	
	
	
		
 
])

			




	
	
	
		
 
def test_read_private_key_returns_private_key(tmpdir, key_specification, private_key_instance_type):

			




	
	
	
		
 
    private_key_path = tmpdir.join('private.key.pem').strpath

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator(*key_specification)()

			




	
	
	
		
 
    gimmecert.storage.write_private_key(private_key, private_key_path)

			




	
	
	
		
 

			




	
	
	
		
 
    my_private_key = gimmecert.storage.read_private_key(private_key_path)

			




	
	
	
		
 

			




	
	
	
		
 
    assert isinstance(my_private_key, cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey)

			




	
	
	
		
 
    assert isinstance(my_private_key, private_key_instance_type)

			




	
	
	
		
 
    assert my_private_key.public_key().public_numbers() == private_key.public_key().public_numbers()  # Can't compare private keys directly.

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def test_read_certificate_returns_certificate(tmpdir):

			




	
	
	
		
 
    certificate_path = tmpdir.join('certificate.cert.pem').strpath

			




	
	
	
		
 
    dn = gimmecert.crypto.get_dn('mycertificate')

			




	
	
		
 
@@ -151,13 +159,14 @@ def test_read_certificate_returns_certificate(tmpdir):

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
@pytest.mark.parametrize("key_specification, private_key_instance_type", [

			




	
	
	
		
 
    [("rsa", 1024), cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey],

			




	
	
	
		
 
    [("ecdsa", cryptography.hazmat.primitives.asymmetric.ec.SECP192R1), cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey],

			




	
	
	
		
 
])

			




	
	
	
		
 
def test_read_ca_hierarchy_returns_list_of_ca_private_key_and_certificate_pairs_in_hierarchy_order_for_multiple_cas(tmpdir, key_specification, private_key_instance_type):

			




	
	
	
		
 
def test_read_ca_hierarchy_returns_list_of_ca_private_key_and_certificate_pairs_in_hierarchy_order_for_multiple_cas(tmpdir, key_specification,

			




	
	
	
		
 
                                                                                                                    private_key_instance_type):

			




	
	
	
		
 
    tmpdir.chdir()

			




	
	
	
		
 
    gimmecert.commands.init(io.StringIO(), io.StringIO(), tmpdir.strpath, 'My Project', 4, key_specification)

			




	
	
	
		
 

			




	
	
	
		
 
    ca_hierarchy = gimmecert.storage.read_ca_hierarchy(tmpdir.join('.gimmecert', 'ca').strpath)

			




	
	
	
		
 

			




	
	
	
		
 
    assert len(ca_hierarchy) == 4

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2023 by various authors & licensed under GPLv3.